v1.0.0

CNY RMB A股 China A shares Stock

Suspicious

ClawScan verdict for this skill. Analyzed Apr 30, 2026, 5:27 PM.

Analysis

The skill mostly matches its stock hot-search purpose, but it has an unexplained sensitive-credentials signal despite saying no credentials are needed.

Guidance

Before installing, be comfortable with outbound requests to public Weibo and market-data sources and with manually installing an unpinned akshare dependency. Do not provide any tokens, cookies, passwords, or account credentials unless the publisher clearly documents why they are needed and how they are protected.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agent Goal Hijack
Severity: Low; Confidence: Medium; Status: Note
scripts/analyzer.py
url = "https://weibo.com/ajax/side/hotSearch" ... "keyword": item.get("word", "") ... lines.append(f"  #{item['keyword']}#  🔥{hot_str} ...")

The script fetches public Weibo hot-search text and copies it into the report. This is purpose-aligned, but the retrieved text is untrusted and could be instruction-like if later read by an agent.

User impact: Public social-media text may appear in the agent’s context; it should be treated as market data, not as instructions.
Recommendation: Treat fetched hot-search terms as untrusted data only, and do not let them change the agent’s goals, tool choices, or stopping conditions.

Agentic Supply Chain Vulnerabilities
Severity: Low; Confidence: High; Status: Note
SKILL.md
- akshare (`pip3 install akshare`)

The skill relies on a third-party Python package installed without a version pin. This dependency is purpose-aligned, but unpinned packages can change behavior over time.

User impact: Installing the latest akshare version may expose the user to dependency changes or package supply-chain risk.
Recommendation: Install akshare from a trusted source and prefer a pinned, reviewed version.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium; Confidence: Medium; Status: Concern
metadata
Required env vars: none; Primary credential: none; Capability signals: requires-sensitive-credentials

The credential contract says no credentials are required, but the capability signal says the skill requires sensitive credentials. The artifacts do not explain what credentials would be used for or how their scope is bounded.

User impact: A user could be asked to provide sensitive credentials without clear purpose, scope, or safeguards.
Recommendation: Do not provide passwords, cookies, tokens, or account credentials to this skill unless the publisher clarifies and narrows the credential requirement.